[Openswan Users]
Paul Wouters
paul at xelerance.com
Fri Aug 12 18:52:11 CEST 2005
On Fri, 12 Aug 2005, bigred at teksavvy.com wrote:
> Here's my connection description:
>
> conn my-connection
>     authby=rsasig
>     leftid=@freeswan-gateway.kpsi.com
>     leftrsasigkey=a rsasig
>     left=a.b.c.d
>     leftsubnet=0.0.0.0/0
>     rightsubnet=172.26.47.0/24
>     rightid=@9997.kpsi.com
>     rightrsasigkey=a different rsasig
>     right=%defaultroute
>     auto=start
>
> The linux box is connected to a PPPOE based dsl connection that gives me an IP of e.f.g.h and a default gateway of w.x.y.z.
> The internal interface IP is 172.26.47.100.
>
> When the tunnel is down I can ssh to e.f.g.h fine. When the tunnel is up, I can't ssh to e.f.g.h but can
> (obviously using the tunnel) ssh to 172.26.47.0/24. As a test, I changed leftsubnet=0.0.0.0/0 to 192.168.1.0/24
> (and made the corresponding changes on the other end) and I could ssh to e.f.g.h regardless of whether the tunnel
> was up or down.
Are you trying to ssh from the remote VPN endpoint? I do not understand the
issue still. I have servers connecting that receive a subnet and use a
rightsubnet=0.0.0.0/0 but I could always just reach the server by either its
real PPPOE IP address, or one of the IPs from the subnet it used itself.

Are you using: include /etc/ipsec.d/examples/no_oe.conf to disable OE?

You can try adding a passthrough conn:

conn exclude-remote
    authby=never
    left=e.f.g.h
    right=%any
    type=passthrough
    auto=route